Bug 37984 - JNDIRealm.java not able to handle MD5 password
JNDIRealm.java not able to handle MD5 password
Product: Tomcat 5
Classification: Unclassified
Component: Catalina
Other other
: P3 normal (vote)
: ---
Assigned To: Tomcat Developers Mailing List
: PatchAvailable
Depends on:
  Show dependency tree
Reported: 2005-12-21 05:51 UTC by Eric Lenio
Modified: 2009-07-07 06:59 UTC (History)
0 users

Handle password digests that are prefixed with "{MD5}". (629 bytes, patch)
2005-12-21 05:52 UTC, Eric Lenio
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Eric Lenio 2005-12-21 05:51:20 UTC
I'm using JNDIRealm to authenticate to OpenLDAP 2.2.28.  Within OpenLDAP I've
configured the userPassword attribute for each user to contain the MD5 digest,
and each is prefixed with the string "{MD5}".  I am not an LDAP expert by any
means but I believe this prefix is a standard convention.  Anyway assuming this
is a convention then JNDIRealm needs to strip off the "{MD5}" portion much like
it does with "{SHA1}".  See attached patch which accomplishes this and I
verified it works in my environment.
Comment 1 Eric Lenio 2005-12-21 05:52:39 UTC
Created attachment 17249 [details]
Handle password digests that are prefixed with "{MD5}".
Comment 2 Mark Thomas 2009-07-01 15:15:50 UTC
Thanks for the patch and sorry for the delay.

This has been applied to trunk and proposed for 6.0.x and 5.5.x
Comment 3 Mark Thomas 2009-07-07 06:38:16 UTC
Fixed in 6.0.x and will be included in 6.0.21 omwards
Comment 4 Mark Thomas 2009-07-07 06:59:55 UTC
This has been fixed in 5.5.x and will be included in 5.5.28 onwards.